CWE-285

High likelihood

Improper Authorization

Parent: CWE-284 - Improper Access Control

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

1,214 vulnerabilities with CWE-285
CVE-2026-20960 HIGH
Microsoft Power Apps - Code Injection
CVSS 8.0
CVE-2026-22252 CRITICAL
Librechat - Improper Authorization
CVSS 9.1
CVE-2026-22042 HIGH
Rustfs < 1.0.0-alpha.79 - Incorrect Authorization
CVSS 8.8
CVE-2026-0574 MEDIUM
yeqifu warehouse <aaf29962ba407d22d991781de28796ee7b4670e4 - Privil...
CVSS 6.3
CVE-2025-67259 MEDIUM
ClassroomIO 0.1.13 - Broken Access Control
CVSS 6.5
CVE-2025-10731 MEDIUM
ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More <= 2.2.12 - Unauthenticated Sensitive Information Exposure to Data Export
CVSS 5.3
CVE-2025-10736 MEDIUM
ReviewX < 2.2.10 - Information Exposure
CVSS 6.5
CVE-2025-15582 MEDIUM
detronetdip E-commerce 1.0.0 - Auth Bypass
CVSS 5.4
CVE-2025-71242 MEDIUM
SPIP <4.3.6/4.2.17/4.1.20 - Info Disclosure
CVSS 6.5
CVE-2025-4521 HIGH
IDonate WordPress Plugin 2.1.5-2.1.9 - Privilege Escalation
CVSS 8.8
CVE-2025-43403 MEDIUM
macOS <15.7.4/<14.8.4 - Info Disclosure
CVSS 5.5
CVE-2025-30508 MEDIUM
Intel(R) Quick Assist Technology - DoS
CVSS 6.5
CVE-2025-59100 MEDIUM
SQLite Database Export - Info Disclosure
CVE-2025-14348 MEDIUM
weMail <2.0.7 - Auth Bypass
CVSS 5.3
CVE-2025-67603 MEDIUM
Foomuuri <0.31 - Auth Bypass
CVE-2025-12958 LOW
Rankology SEO & Analytics Tool <2.0 - Info Disclosure
CVSS 2.7
CVE-2025-9294 MEDIUM
QSM <10.3.1 - Info Disclosure
CVSS 4.3
CVE-2025-61781 HIGH
Citeum Opencti < 6.8.1 - Incorrect Authorization
CVSS 7.1
CVE-2025-15213 MEDIUM
Fabian Student File Management System - Improper Authorization
CVSS 4.3
CVE-2025-15126 LOW
Jeecg Boot < 3.9.0 - Incorrect Authorization
CVSS 3.1
CVE-2025-15125 LOW
Jeecg Boot < 3.9.0 - Incorrect Authorization
CVSS 3.1
CVE-2025-15124 LOW
Jeecg Boot < 3.9.0 - Incorrect Authorization
CVSS 3.1
CVE-2025-15123 LOW
Jeecg Boot < 3.9.0 - Incorrect Authorization
CVSS 3.1
CVE-2025-15122 LOW
Jeecg Boot < 3.9.0 - Incorrect Authorization
CVSS 3.1
CVE-2025-15120 LOW
Jeecg Boot < 3.9.0 - Incorrect Authorization
CVSS 3.1
Details
Vulnerabilities 1,214
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits